Reputation: 203
How to create a dynamic role on Airflow?
I am trying to implement a multi-tenancy model in Airflow using RBAC. I am on Airflow 2.0.1. The idea is to have a set of base permissions that each tenant has on the Airflow server. But each tenant will get its own role, so I can use access_control at DAG level to only let users of that tenant see the DAG.
Does anyone know how to create a new role by:
copying permissions of another pre-defined Role
OR
specifying the permissions, at role creation or after creating an empty role
Edit: I am trying to do this through API or CLI, not the webserver UI. Thank you!
Upvotes: 0
Views: 2831
Answers (1)
Reputation: 254
You can use the airflow STABLE REST API to create a role with predefined permissions checkout - [https://airflow.apache.org/docs/apache-airflow/stable/stable-rest-api-ref.html#operation/post_role]
For example:
curl -X POST "http://localhost:8080/api/v1/roles" -H "accept: application/json" -H "Content-Type: application/json" -d "{\"actions\":[{\"action\":{\"name\":\"can_read\"},\"resource\":{\"name\":\"Website\"}},{\"action\":{\"name\":\"can_edit\"},\"resource\":{\"name\":\"DAG:tutorial\"}},{\"action\":{\"name\":\"can_create\"},\"resource\":{\"name\":\"Task Instances\"}}],\"name\":\"new_custom_role\"}"
You can checkout all permissions here - airflow permissions
Upvotes: 2
Related Questions
- How to dynamically create tasks in airflow
- How to create airflow task dynamically
- Airflow dynamic tasks at runtime
- Airflow user creation
- Airflow LDAP authentication with RBAC features
- How to configure Airflow RBAC UI Security with REMOTE_USER
- Configure role for Airflow Connection
- How to use the User role in Airflow 1.10 RBAC?
- 'AnonymousUserMixin' object has no attribute 'roles' error in Airflow Webserver when using LDAP with Flask-AppBuilder RBAC
- Dynamic task definition in Airflow